This is currently unsupported. I have heard of people experimenting with it - and there’s talk of adding new mechanisms to the XMPP protocol to allow for this - but nothing concrete that you can use today.

As @guus says, there is nothing out of the box available at Ignite. However, if you are a web developer, the Chat API plugin for Openfire supports time-based one-time passwords (TOTP) for 2FA with Openfire as a REST API call.

It works with the FreeOTP and Google Authenticator mobile apps. You perform a normal XMPP authentication and then add the TOTP token from your mobile phone for the second factor authentication.